aboutsummaryrefslogtreecommitdiffstats
path: root/community
diff options
context:
space:
mode:
Diffstat (limited to 'community')
-rw-r--r--community/stunnel/APKBUILD58
-rw-r--r--community/stunnel/stunnel.conf61
-rw-r--r--community/stunnel/stunnel.initd55
-rw-r--r--community/stunnel/stunnel.pre-install6
4 files changed, 180 insertions, 0 deletions
diff --git a/community/stunnel/APKBUILD b/community/stunnel/APKBUILD
new file mode 100644
index 0000000000..41bcb45700
--- /dev/null
+++ b/community/stunnel/APKBUILD
@@ -0,0 +1,58 @@
+# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
+# Contributor: Dean Takemori <deant@hawaii.rr.com>
+# Contributor: Jakub Jirutka <jakub@jirutka.cz>
+# Maintainer: Jakub Jirutka <jakub@jirutka.cz>
+pkgname=stunnel
+pkgver=5.35
+pkgrel=1
+pkgdesc="SSL encryption wrapper between network client and server."
+url="http://www.stunnel.org/"
+arch="all"
+license="GPL2+ with OpenSSL exception"
+depends="openssl"
+makedepends="openssl-dev"
+subpackages="$pkgname-doc"
+install="$pkgname.pre-install"
+source="https://www.stunnel.org/downloads/$pkgname-$pkgver.tar.gz
+ stunnel.initd
+ stunnel.conf"
+builddir="$srcdir/$pkgname-$pkgver"
+
+build() {
+ cd "$builddir"
+ ./configure \
+ --build=$CBUILD \
+ --host=$CHOST \
+ --prefix=/usr \
+ --sysconfdir=/etc \
+ --mandir=/usr/share/man \
+ --localstatedir=/var \
+ --disable-fips \
+ || return 1
+ make || return 1
+}
+
+package() {
+ cd "$builddir"
+
+ make DESTDIR="$pkgdir" install || return 1
+
+ install -Dm755 "$srcdir"/stunnel.initd \
+ "$pkgdir"/etc/init.d/stunnel || return 1
+ install -m644 "$srcdir"/stunnel.conf \
+ "$pkgdir"/etc/stunnel/stunnel.conf || return 1
+
+ mkdir -p "$pkgdir"/usr/share/doc/$pkgname/examples/
+ mv "$pkgdir"/etc/stunnel/stunnel.conf-sample \
+ "$pkgdir"/usr/share/doc/$pkgname/examples/
+}
+
+md5sums="9079f5fafbccaf88b7d92b227d78249a stunnel-5.35.tar.gz
+da32978d82c03158d7b947e10b1ba284 stunnel.initd
+f1227c57d136eb7db3853844f683916a stunnel.conf"
+sha256sums="ffa386ae4c825f35f35157c285e7402a6d58779ad8c3822f74a9d355b54aba1d stunnel-5.35.tar.gz
+01c7c7f43cebb299659cd344a98bc64418d516f6530d0b24772d70bb1d56847e stunnel.initd
+42971d32e5e79490564d2f71d6a47bbe4aaabd740ba75b75e38207ea0845fec1 stunnel.conf"
+sha512sums="cdec7ddafbfac4a1d420704baec72fedbd655871137ec8283c066203c0859019c6e11ce00647e5b471a019409e4eb5e9525166eddd7ddffa25055b95c0cacd9e stunnel-5.35.tar.gz
+33e215413e08fdd5783cc76e6ba6a2342fb6d0573f801815c4d3022625e71be6c9739d47a7a61bf7c803f27911b9c92cf6ae3e522add040f83802e1aaeaee000 stunnel.initd
+a72bfddeb74787d58c9fd24782d86c0498ce3530a43fbdd4ec4c4b57baa6257b6ef21005aca274b22c4a22cdbbbcee63dd3d841f458af248db9c69e8d59fa56f stunnel.conf"
diff --git a/community/stunnel/stunnel.conf b/community/stunnel/stunnel.conf
new file mode 100644
index 0000000000..4bc301d479
--- /dev/null
+++ b/community/stunnel/stunnel.conf
@@ -0,0 +1,61 @@
+# Sample stunnel configuration file by Michal Trojnara 2002-2005
+# Some options used here may not be adequate for your particular configuration
+# Please make sure you understand them (especially the effect of chroot jail)
+
+# Certificate/key is needed in server mode and optional in client mode
+# cert = /etc/stunnel/stunnel.pem
+# key = /etc/stunnel/stunnel.pem
+
+# Some security enhancements for UNIX systems - comment them out on Win32
+# chroot = /chroot/stunnel/
+setuid = stunnel
+setgid = stunnel
+# PID is created inside chroot jail
+pid = /run/stunnel/stunnel.pid
+
+# Some performance tunings
+socket = l:TCP_NODELAY=1
+socket = r:TCP_NODELAY=1
+#compression = rle
+
+# Workaround for Eudora bug
+#options = DONT_INSERT_EMPTY_FRAGMENTS
+
+# Authentication stuff
+#verify = 2
+# Don't forget to c_rehash CApath
+# CApath is located inside chroot jail:
+#CApath = /certs
+# It's often easier to use CAfile:
+#CAfile = /etc/stunnel/certs.pem
+# Don't forget to c_rehash CRLpath
+# CRLpath is located inside chroot jail:
+#CRLpath = /crls
+# Alternatively you can use CRLfile:
+#CRLfile = /etc/stunnel/crls.pem
+
+# Some debugging stuff useful for troubleshooting
+#debug = 7
+#output = stunnel.log
+
+# Use it for client mode
+client = yes
+
+# Service-level configuration
+
+#[pop3s]
+#accept = 995
+#connect = 110
+
+#[imaps]
+#accept = 993
+#connect = 143
+
+#[ssmtp]
+#accept = 465
+#connect = 25
+
+#[https]
+#accept = 443
+#connect = 80
+#TIMEOUTclose = 0
diff --git a/community/stunnel/stunnel.initd b/community/stunnel/stunnel.initd
new file mode 100644
index 0000000000..6b8ab0335b
--- /dev/null
+++ b/community/stunnel/stunnel.initd
@@ -0,0 +1,55 @@
+#!/sbin/openrc-run
+
+instance_name="${SVCNAME#*.}"
+instance_name="${instance_name:-stunnel}"
+config_file="${STUNNEL_CONFIGFILE:-/etc/stunnel/$instance_name.conf}"
+
+extra_started_commands="reload"
+
+command="/usr/bin/stunnel"
+command_args="$config_file $STUNNEL_OPTIONS"
+pidfile="/run/stunnel/$instance_name.pid" # default value
+
+required_files="$config_file"
+
+
+depend() {
+ need net
+ before logger
+}
+
+start_pre() {
+ pidfile=$(config_get "pid" "$pidfile")
+
+ local chroot_dir=$(config_get "chroot")
+ [ -z "$chroot_dir" ] || start_stop_daemon_args="--chroot $chroot_dir"
+
+ local user=$(config_get "setuid" "stunnel")
+ local group=$(config_get "setgid" "stunnel")
+
+ checkpath -d -m 0775 -o root:$group /run/stunnel
+
+ if [ ! "$(dirname "$pidfile")" -ef "/run" ]; then
+ checkpath -d -m 0755 -o $user:$group "$(dirname "$pidfile")"
+ fi
+}
+
+stop_pre() {
+ pidfile=$(config_get "pid" "$pidfile")
+}
+
+reload() {
+ pidfile=$(config_get "pid" "$pidfile")
+
+ ebegin "Reloading $SVCNAME"
+ start-stop-daemon --signal HUP --pidfile "$pidfile" --name stunnel
+ eend $?
+}
+
+config_get() {
+ local key="$1"
+ local default="${2:-}"
+
+ local val="$(sed -En "s|^$key\s*=\s*(.*)\s*$|\1|p" "$config_file")"
+ echo "${val:-$default}"
+}
diff --git a/community/stunnel/stunnel.pre-install b/community/stunnel/stunnel.pre-install
new file mode 100644
index 0000000000..972669c12a
--- /dev/null
+++ b/community/stunnel/stunnel.pre-install
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+addgroup -S stunnel 2>/dev/null
+adduser -S -D -H -h /dev/null -s /sbin/nologin -G stunnel -g stunnel stunnel 2>/dev/null
+
+exit 0